<?php

class PasswordHash
{
    private static function randString( $count )
    {
        $validCharacters = "abcdefghijklmnopqrstuxyvwzABCDEFGHIJKLMNOPQRSTUXYVWZ+-*#&@!?";
        $validCharNumber = strlen( $validCharacters );
     
        $randomString = "";
        for ($i = 0; $i < $count; $i ++)
        {
            $index = mt_rand( 0, $validCharNumber - 1 );
            $randomCharacter = $validCharacters[ $index ];
            $randomString .= $randomCharacter;
        }
        
        return $randomString;
    }
    
    private static function createPasswordHash( $password, $salt )
    {
        $passwordHashNoSalt = sha1( $password, true );
        $saltHash = sha1( $salt, true );
        $passwordHashNoSalt .= $saltHash;
        return sha1( $passwordHashNoSalt, true );
    }
    
    public static function hashPassword( $password, & $salt, & $passwordHash )
    {
        $saltStr = PasswordHash::randString( 40 );
        $passwordHash = base64_encode( PasswordHash::createPasswordHash( $password, $saltStr ) );
        $salt = base64_encode( $saltStr );
    }
    
    public static function verifyPasswordHash( $password, $salt, $controlPasswordHash )
    {
     // $saltBytes =  $salt ) );
     // $controlHash = base64_decode( $controlPasswordHash );
      return ( PasswordHash::createPasswordHash( $password, base64_decode( $salt ) ) == base64_decode( $controlPasswordHash ) );
    }
}
?>
